Premium Content

Access "Attackers zero in on Web application vulnerabilities"

Published: 19 Oct 2012

When users of link sharing and discussion website MetaFilter detected malicious code transforming benign webpages into a drive-by attack platform, Matthew Haughey raced to fix the security flaw. Haughey, a programmer and Web designer who started the site in 1999, soon figured out the problem: a standard SQL injection attack targeting a poorly coded Web application that he built when the website first went live. It was his first Web application and Haughey admits that it failed to filter out variables from the URL. "Someone discovered it, exploited it, and wreaked havoc," says Haughey, recalling the incident, which took down parts of the website last year. "It took us about two days to plug up the holes on every page and make sure every read of every URL was safe." Security experts say problems such as this are happening on websites all over the Internet at an alarming rate. Web application vulnerability flaws account for more than 80 percent of the vulnerabilities discovered, according to the SANS Institute. In many cases, attackers exploit a Web application... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside


More Premium Content Accessible For Free